QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-0016

Back to search

CVE-2017-0016

Published: Mar 17, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1; Windows Server 2012 R2, and Windows Server 2016 do not properly handle certain requests in SMBv2 and SMBv3 packets, which allows remote attackers to execute arbitrary code via a crafted SMBv2 or SMBv3 packet to the Server service, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability."

VendorProductVersions

Microsoft Corporation

SMBv2/SMBv3

affected
Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1; Windows Server 2012 R2, and Windows Server 2016

References

95969
vdb-entry
x_refsource_BID
1037767
vdb-entry
x_refsource_SECTRACK
1038001
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now